“Botnets” and “Internet of Things Attacks” may sound like terms from a “future trends” research article, but they are very real and current issues in the IT world. But before we dive into what they are and how they work it’s important that we cover the basic building block of these botnets and attacks, Internet of Things (IoT) devices.
What is an Internet of Things Device?
An IoT Device is defined by TechTarget as a “nonstandard computing device that connects wirelessly to a network and has the ability to transmit data.”
Recently we wrote a post about smart offices that included a section on smart lighting systems and thermostats like the one made by Nest. These devices, and others like refrigerators, TV’s and even door locks that can be connected, monitored, and controlled over your network and through your smart phone are all examples of Internet of Things Devices.
What is a botnet?
TechTarget defines a botnet as “a collection of internet-connected devices, which may include PCs, servers, mobile devices and internet of things devices that are infected and controlled by a common type of malware.”
The term “Botnet” comes from the words robot and network referring to large groups of devices, usually compromised for malicious activities. Hackers generally look for vulnerable devices, ones without the latest software updates or with easily compromised passwords, and infect them with publicly available malware.
The hacker (or group of hackers) instructs these botnets to do certain things like overload a website with an outlandish number of requests to effectively shut it down, to send spam, and to further spread the malware itself.
Until fairly recently, devices compromised and used as components of botnets were generally Windows computers. Compromising smaller IoT devices for that purpose, however, is a growing trend. This trend is particularly troubling because these IoT devices are often not very sophisticated in terms of security, and they often do not get software updates from their manufacturers as regularly as say a Windows PC does. In short, there are a lot of devices on the market—and more are added every day—that haven’t been designed with security in mind. We expect this to be a major IT security problem for years to come until IoT vendors collectively take security as seriously as getting products to market.
A good example of this kind of attack, otherwise known as an “Internet of Things Attack”, occurred last October when a botnet was instructed to send wave after wave of requests to domain name servers owned by Dyn. This attack made it extremely difficult and for some, impossible, to access certain websites. The scary thing about this, and attacks like this, was that they were carried out using publicly available code running on devices that are increasingly ubiquitous in our lives. The Dyn attack was not the first and won’t be the last. If you’re interested in other examples check out this article from ZDNet about five other IoT attacks.
Gartner projected that by this year 8.4 billion “connected things” would be in use, a 31% growth over last year, and Wired brought up a good point that the security of IoT might not be ready for the widespread use of the technology.
Now this is just a brief overview of what a botnet is and how they are used in IoT attacks. That being said, we hope it highlights the importance of keeping your systems updated, having unique and strong passwords, having proper security practices and systems in place for all devices connected to your network, and a way to monitor those devices and the network they are on.